Docs Puppet Enterprise Managing access RBAC API RBAC API v2 User group endpoints

User group endpoints

Sections

Request format
Response format
Error response

Groups are used to assign roles to a group of users, which is more efficient than managing roles for each user individually. Unlike the v1/groups endpoint, the v2/groups endpoint has an optional validate query parameter, allowing you to validate that a group exists on the ldap server before creating it.

POST /groups

Create a new remote group and attach roles to it that are specified in its roles list. Authentication is required.

Request format

The endpoint accepts a JSON body containing the following keys:


Key	Definition
`login`	Defines the group for an external IdP. This could be an LDAP login or a SAML identifier for the group. Required.
`role_ids`	An array of role IDs to assign to the group initially. Required.
`display_name`	The name of the group that displays in the console. If this represents an LDAP group, the LDAP group display name will override it. Optional.
`validate`	Validate that the group exists on the LDAP server prior to creating it. Defaults to `true`. If `false`, the group is not validated against LDAP. Optional.

Example:

{
    "login": "augmentators",
    "role_ids": [1,2,3]
    "display_name: "The Augmentors"
 }Copied!

Response format

If the new remote group is created successfully, "303 See Other" with a location header pointing to the new resource is returned.

Error response

"409 Conflict" is returned if the new group conflicts with an existing group.